Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/437d3c38-c370-4afe-a444-07ee5ee1ed9f.roa
File: 437d3c38-c370-4afe-a444-07ee5ee1ed9f.roa (raw, json)
Hash identifier: pQnAJvteQegEtU1tmPTr35ZDJHwSaRn/NEiOGO6hgU0=
Subject key identifier: 38:53:7F:C2:13:37:04:D7:DE:7B:07:43:96:FC:BC:9E:B5:00:2C:7B
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 22761F1F2DCE90BB9DCD60AD1ED4E6819AB05EE3
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/437d3c38-c370-4afe-a444-07ee5ee1ed9f.roa
Signing time: Tue 28 Oct 2025 00:30:11 +0000
ROA not before: Tue 28 Oct 2025 00:30:11 +0000
ROA not after: Tue 02 Dec 2025 23:59:59 +0000
asID: 8987
IP address blocks: 2600:1ff1:2000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:76:1f:1f:2d:ce:90:bb:9d:cd:60:ad:1e:d4:e6:81:9a:b0:5e:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 28 00:30:11 2025 GMT
Not After : Dec 2 23:59:59 2025 GMT
Subject: serialNumber=a16805a2423bbbf86bcaa519140977b0f7f55fa0c8e059958f1ff07d413bd874, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:6e:28:aa:97:ab:d9:15:5b:a3:6f:ad:f9:14:
06:17:f4:6a:e3:3a:0f:73:0c:a0:62:0b:05:b0:1a:
e8:26:96:62:5f:cb:e0:f3:26:e7:67:66:09:52:2d:
f2:ce:c6:d7:1b:b9:fa:16:eb:0a:8b:ff:9d:7b:a6:
65:9a:04:f7:35:66:85:62:04:5c:d5:56:7a:6c:9a:
d4:e4:e5:87:46:fd:27:82:51:72:b9:f9:08:4e:ff:
52:54:a7:4a:9c:2a:96:90:bd:cf:e1:b1:8a:5a:c8:
78:d7:ae:7a:1e:6d:03:42:ff:7a:c3:00:7a:68:ea:
93:73:ec:36:96:67:9e:e4:b4:06:44:16:ab:1e:a4:
87:45:77:1a:77:73:84:61:e1:f8:ac:9f:94:48:20:
f7:2c:cd:4c:04:c6:8e:47:cd:bc:ca:22:a4:cd:b3:
e7:f1:66:ff:75:9e:a3:f9:c6:cc:3d:70:81:6e:e6:
75:6d:f9:d4:ce:27:11:fd:af:fc:da:63:3e:cc:50:
a5:43:c0:76:e5:c5:94:55:76:90:2d:bf:ee:97:54:
21:00:c1:ee:80:fa:3e:aa:d8:85:0f:ae:6b:6c:c2:
0d:0b:83:b4:f7:03:d5:15:82:d4:38:4d:9f:f0:77:
7a:3b:45:3f:5f:32:69:56:3f:66:c4:37:14:64:12:
7b:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:53:7F:C2:13:37:04:D7:DE:7B:07:43:96:FC:BC:9E:B5:00:2C:7B
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/437d3c38-c370-4afe-a444-07ee5ee1ed9f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:1ff1:2000::/40
Signature Algorithm: sha256WithRSAEncryption
7f:be:ee:ec:9d:eb:92:84:1c:1e:9d:1f:4e:fd:49:e9:b9:84:
78:68:dd:10:87:d5:86:37:7a:4a:fa:11:4d:8f:cc:bd:94:e6:
f4:07:96:24:5e:73:a7:43:2f:d2:18:f5:bf:95:75:b7:d1:04:
c5:ef:bb:16:f3:df:a4:91:2e:4a:aa:07:05:b2:30:7e:c7:7d:
47:54:cb:4d:c6:7c:62:2d:6e:72:79:43:2d:5a:12:71:70:ec:
e1:e1:61:22:14:a6:1b:22:66:64:4a:95:f9:05:c7:29:78:6c:
48:41:66:4c:dc:ba:9a:e8:9e:59:7a:32:2e:af:0f:a3:0c:07:
68:9f:75:23:78:ca:39:de:45:e5:44:70:ba:68:9d:75:8a:71:
98:89:95:f1:f1:ea:82:07:e3:e6:74:13:ca:31:11:4f:9d:8c:
81:93:bf:3b:d3:85:08:18:01:ef:69:4d:00:59:30:5b:0a:91:
3d:8c:83:7f:4d:1c:c1:8e:7e:81:dc:63:c0:03:77:ee:de:ac:
16:ef:7d:ce:cf:5b:3d:db:fa:9c:61:a9:f3:29:ac:77:14:b1:
46:05:d0:08:60:9f:9b:60:bf:c7:46:e9:dd:09:06:9c:95:b3:
b4:11:14:dc:2c:2a:cd:84:4a:18:e0:f7:38:23:0f:0d:be:7b:
47:eb:55:da
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUInYfHy3OkLudzWCtHtTmgZqwXuMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDI4MDAzMDExWhcNMjUxMjAyMjM1OTU5
WjB6MUkwRwYDVQQFE0BhMTY4MDVhMjQyM2JiYmY4NmJjYWE1MTkxNDA5NzdiMGY3
ZjU1ZmEwYzhlMDU5OTU4ZjFmZjA3ZDQxM2JkODc0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDXbiiql6vZFVujb635FAYX9GrjOg9zDKBiCwWwGugmlmJf
y+DzJudnZglSLfLOxtcbufoW6wqL/517pmWaBPc1ZoViBFzVVnpsmtTk5YdG/SeC
UXK5+QhO/1JUp0qcKpaQvc/hsYpayHjXrnoebQNC/3rDAHpo6pNz7DaWZ57ktAZE
FqsepIdFdxp3c4Rh4fisn5RIIPcszUwExo5HzbzKIqTNs+fxZv91nqP5xsw9cIFu
5nVt+dTOJxH9r/zaYz7MUKVDwHblxZRVdpAtv+6XVCEAwe6A+j6q2IUPrmtswg0L
g7T3A9UVgtQ4TZ/wd3o7RT9fMmlWP2bENxRkEnufAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUOFN/whM3BNfeewdDlvy8nrUALHswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzQzN2QzYzM4LWMzNzAtNGFmZS1hNDQ0LTA3ZWU1ZWUxZWQ5Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB/xIDANBgkqhkiG9w0BAQsFAAOCAQEAf77u7J3rkoQcHp0fTv1J6bmE
eGjdEIfVhjd6SvoRTY/MvZTm9AeWJF5zp0Mv0hj1v5V1t9EExe+7FvPfpJEuSqoH
BbIwfsd9R1TLTcZ8Yi1ucnlDLVoScXDs4eFhIhSmGyJmZEqV+QXHKXhsSEFmTNy6
muieWXoyLq8PowwHaJ91I3jKOd5F5URwumiddYpxmImV8fHqggfj5nQTyjERT52M
gZO/O9OFCBgB72lNAFkwWwqRPYyDf00cwY5+gdxjwAN37t6sFu99zs9bPdv6nGGp
8ymsdxSxRgXQCGCfm2C/x0bp3QkGnJWztBEU3CwqzYRKGOD3OCMPDb57R+tV2g==
-----END CERTIFICATE-----
Generated at Tue Nov 4 06:14:03 2025 by rpki-client